d40922f2202d0712567888a9d758d52fd1ea346ebd713013cd41b3941726480c | Triage

Submit
Reports

Overview

overview

8

Static

static

d40922f220...0c.exe

windows7-x64

8

d40922f220...0c.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

d40922f2202d0712567888a9d758d52fd1ea346ebd713013cd41b3941726480c
Size

740KB
Sample

221203-18fstsad85
MD5

49c9ffb13a4f3d16ef3b6e7604752deb
SHA1

d3aeddaf4078a4f9784b697b958baac7b9e6410e
SHA256

d40922f2202d0712567888a9d758d52fd1ea346ebd713013cd41b3941726480c
SHA512

44ab4e8a29d7dd2409bdd593861c2d854d02516257ffce92e6dc759894d0c549014675569f2844514adf76d8cdcade52aaef672c3eb5542fbfa0e1179583ea6d
SSDEEP

12288:Hu7sAF/9kWyUtuOsaM0YMFd/0Fp++nrxoq93DkJ0pfS:O/yWyBOsaM0jv/sp+2Sq9zkJ0VS

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

d40922f2202d0712567888a9d758d52fd1ea346ebd713013cd41b3941726480c.exe

Resource

win7-20221111-en

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

d40922f2202d0712567888a9d758d52fd1ea346ebd713013cd41b3941726480c.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  d40922f2202d0712567888a9d758d52fd1ea346ebd713013cd41b3941726480c
- Size
  
  740KB
- MD5
  
  49c9ffb13a4f3d16ef3b6e7604752deb
- SHA1
  
  d3aeddaf4078a4f9784b697b958baac7b9e6410e
- SHA256
  
  d40922f2202d0712567888a9d758d52fd1ea346ebd713013cd41b3941726480c
- SHA512
  
  44ab4e8a29d7dd2409bdd593861c2d854d02516257ffce92e6dc759894d0c549014675569f2844514adf76d8cdcade52aaef672c3eb5542fbfa0e1179583ea6d
- SSDEEP
  
  12288:Hu7sAF/9kWyUtuOsaM0YMFd/0Fp++nrxoq93DkJ0pfS:O/yWyBOsaM0jv/sp+2Sq9zkJ0VS
Score

8^/10

persistence
- Executes dropped EXE
- Sets file execution options in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy